sast-bandit

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires the installation of the bandit package via pip. While Bandit is a reputable security tool, installing external dependencies introduces a dependency on the integrity of the PyPI registry.
  • [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface. It processes external Python files that may contain adversarial content designed to influence the agent's behavior when it parses the scan results.
      ◦ Ingestion points: The bandit command reads external files or directories provided at <target-path> (SKILL.md).
      ◦ Boundary markers: There are no explicit instructions or delimiters to tell the agent to ignore instructions embedded within the code being scanned.
      ◦ Capability inventory: The skill executes shell commands (bandit) and reads file content via JSON output (SKILL.md).
      ◦ Sanitization: No evidence of sanitization or filtering of the scanned content before it is parsed by the agent.
  • [COMMAND_EXECUTION] (SAFE): The command execution is restricted to the Bandit utility for its primary intended purpose. No evidence of arbitrary shell command injection or suspicious execution patterns was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:50 PM